1. Is cyberwarfare a serious problem? Why or why not?

Comments (0)

Transcript of 1. Is cyberwarfare a serious problem? Why or why not?

Group 71. Is cyberwarfare a serious problem? Why or why not?Sony: The World’s Largest Data BreachWhat management, organizational, and technology factors contributed to these problems?What impact did Sony data losses have on Sony and its Customers?What solutions would you suggest to prevent these problems?Cyberwarfare has become a huge problem, not just in the U.S but globally.Forms of Cyberwarfare1.botnets, 2. massive networks of computers that they control thanks to spyware and other malware, to launch large-scale DDos attacks on their target’s servers.

Although these are just to name a few.

Most companies rely on the internet for emails and internet, and will soon become dependent on it. Cyber attacks will grow as technology grows, especially since the cost is relatively low.According to the article, “In July 2009, 27 American and South Korean government agencies and other organizations were hit by a DDoS attack.” Although this did not affect sensitive data it was an wakening alarm.The government has been aware of these cyberwarfare attacks and has taken action, by launching a program called the “Perfect Citizen.” According to the article Mike McConnell, “stated that if even a single large American bank were successfully attacked, ‘It would have an order-of-magnitude greater impact on the global economy.”

Lost over 100 million of it’s customers’ information such as:Names, Dates of Birth, addresses, and even credit card numbers Sony/CustomersAs part of the attack they also took 75,000 million music codes and 3.5 million in coupons.The hackers deleted information from the logs so Sony authorized users were not able to see that data had been transferred.

This was a letter that was sent out to customers, although it took them a while to notify them.Sony ended up spending $170 million having to purchase privacy protection for customers to make them feel safe after the breach.

Notifying CustomersSony didn’t notify it’s customers about the attack until a week before it was released to the public. From this happening something called The Data Accountability and Trust Act of 2011 came out to make sure customers were notified of anything like this as well as the media within 60 days. Many times companies don’t want to release information of attacks for the fear of bad reputation. Luckily no credit card numbers of customer information was used to conduct fraud.

The case doesn’t mention it Sony lost customers, but what I can guess is that if it didn’t affect them much they are okay with it, and are happily playing!Samantha Perez, Marissa Galvan, Federico Stutzner, Joanna BluntSony did not know how to handle the breaching situation when it was happening.They had poor communication with their customers.Management did not take any responsibility and blamed it on a highly professional hackers.Management ProblemsManagementEmployees who handled the breach were not trained properly and failed to take of the problem sooner.The Company’s also did not put an alert out for the rest of their other companies and therefore their website was also hacked into.Sony is a highly known company but did not invest money on a security detection.Many around the world criticized Sony for not knowing what data was stolen from their company.OrganizationalTechnology ProblemsSony’s current security detection did not stop the breach at that instant but instead let it continue a couple of days after the first day. On April 20th the day after Sony had no idea what information was being takenThe company needs data breach alertness, and system where the outside computers are cut off from the company’s systems.The Sony case study highlights the importance of data security Therefore, it is crucial that gambling operators manage the expectations of their customers and take care to assess what would be acceptable and proportionate for the customer, not just "what is the minimum that we can do to comply with the law?"

If a breach does occur, effective handling of the response is key. This means planning and preparing for such an event in advance. A policy should be drawn up, under which it is suggested that prompt notification is made to both the customers and the regulators.

Different jurisdictions impose varying degrees of security standards. Adopting a 'highest common denominator' approach may be more onerous and expensive, but can minimize the risk of non-compliance, and also ensure that in the event of a security breach customers do not identify a disparity in their protection based on jurisdiction.

In the end, in a fast-paced, competitive market, there is no shortage of other operators waiting to collect disenchanted customers in the wake of a controversial security breach. Customer data is a key asset for gambling operators, who would be well advised to view its security as a priority.